1e41f4b71Sopenharmony_ci# Encryption and Decryption (ArkTS) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ciThis topic walks you through on how to perform encryption and decryption using AES128, RSA2048, and SM2. For details about the scenarios and supported algorithms, see [Supported Algorithms](huks-encryption-decryption-overview.md#supported-algorithms). 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci## How to Develop 6e41f4b71Sopenharmony_ci 7e41f4b71Sopenharmony_ci**Key Generation** 8e41f4b71Sopenharmony_ci 9e41f4b71Sopenharmony_ci1. Set the key alias. 10e41f4b71Sopenharmony_ci 11e41f4b71Sopenharmony_ci2. Initialize the key property set. 12e41f4b71Sopenharmony_ci 13e41f4b71Sopenharmony_ci3. Use [generateKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksgeneratekeyitem9) to generate a key. For details, see [Key Generation](huks-key-generation-overview.md). 14e41f4b71Sopenharmony_ci 15e41f4b71Sopenharmony_ciAlternatively, you can [import a key](huks-key-import-overview.md). 16e41f4b71Sopenharmony_ci 17e41f4b71Sopenharmony_ci**Encryption** 18e41f4b71Sopenharmony_ci 19e41f4b71Sopenharmony_ci1. Obtain the key alias. 20e41f4b71Sopenharmony_ci 21e41f4b71Sopenharmony_ci2. Obtain the data to be encrypted. 22e41f4b71Sopenharmony_ci 23e41f4b71Sopenharmony_ci3. Obtain the [algorithm parameters](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam) for encryption. 24e41f4b71Sopenharmony_ci 25e41f4b71Sopenharmony_ci The parameters to be configured vary with the algorithm used. 26e41f4b71Sopenharmony_ci - If the AES algorithm, CBC block mode, and PKCS7 padding mode are used for encryption, the **IV** parameter must be set. For details, see [AES/CBC/PKCS7](#aescbcpkcs7). 27e41f4b71Sopenharmony_ci - If the AES algorithm and GCM block mode are used for encryption, the **NONCE** parameter is mandatory and **AAD** is optional. For details, see [AES/GCM/NoPadding](#aesgcmnopadding). 28e41f4b71Sopenharmony_ci - If the RSA algorithm is used for encryption, you need to select the corresponding block mode, padding mode, and digest algorithm. For details, see [RSA/ECB/PKCS1_V1_5](#rsaecbpkcs1_v1_5) and [RSA/ECB/OAEP/SHA256](#rsaecboaepsha256). 29e41f4b71Sopenharmony_ci - If the SM2 algorithm is used for encryption, the digest algorithm must be SM3. For details, see [SM2](#sm2). 30e41f4b71Sopenharmony_ci 31e41f4b71Sopenharmony_ci For details about the specifications, see [Encryption and Decryption Overview and Algorithm Specifications](huks-encryption-decryption-overview.md). 32e41f4b71Sopenharmony_ci 33e41f4b71Sopenharmony_ci4. Use [initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9) to initialize a key session. The session handle is returned after the initialization. 34e41f4b71Sopenharmony_ci 35e41f4b71Sopenharmony_ci5. Use [finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9) with the session handle to obtain the ciphertext. 36e41f4b71Sopenharmony_ci 37e41f4b71Sopenharmony_ci**Decryption** 38e41f4b71Sopenharmony_ci 39e41f4b71Sopenharmony_ci1. Obtain the key alias. 40e41f4b71Sopenharmony_ci 41e41f4b71Sopenharmony_ci2. Obtain the ciphertext to be decrypted. 42e41f4b71Sopenharmony_ci 43e41f4b71Sopenharmony_ci3. Obtain the [algorithm parameters](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksparam) for decryption. 44e41f4b71Sopenharmony_ci 45e41f4b71Sopenharmony_ci The parameters to be configured vary with the algorithm used. 46e41f4b71Sopenharmony_ci - If the AES algorithm and GCM block mode are used for encryption, **NONCE** and **AEAD** are mandatory and **AAD** is optional. For details, see [AES/GCM/NoPadding](#aesgcmnopadding). 47e41f4b71Sopenharmony_ci - The requirements for the parameters in the other development cases are the same as those in the encryption. 48e41f4b71Sopenharmony_ci 49e41f4b71Sopenharmony_ci For details about the specifications, see [Encryption and Decryption Overview and Algorithm Specifications](huks-encryption-decryption-overview.md). 50e41f4b71Sopenharmony_ci 51e41f4b71Sopenharmony_ci4. Use [initSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksinitsession9) to initialize a key session. The session handle is returned after the initialization. 52e41f4b71Sopenharmony_ci 53e41f4b71Sopenharmony_ci5. Use [finishSession](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksfinishsession9) to obtain the data decrypted. 54e41f4b71Sopenharmony_ci 55e41f4b71Sopenharmony_ci**Key Deletion** 56e41f4b71Sopenharmony_ci 57e41f4b71Sopenharmony_ciUse [deleteKeyItem](../../reference/apis-universal-keystore-kit/js-apis-huks.md#huksdeletekeyitem9) to delete the key that is not required. For details, see [Deleting a Key](huks-delete-key-arkts.md). 58e41f4b71Sopenharmony_ci 59e41f4b71Sopenharmony_ci## Development Cases 60e41f4b71Sopenharmony_ci 61e41f4b71Sopenharmony_ci### AES/CBC/PKCS7 62e41f4b71Sopenharmony_ci 63e41f4b71Sopenharmony_ci```ts 64e41f4b71Sopenharmony_ci/* 65e41f4b71Sopenharmony_ci * The following uses AES/CBC/PKCS7 with promise-based APIs. 66e41f4b71Sopenharmony_ci */ 67e41f4b71Sopenharmony_ciimport { huks } from '@kit.UniversalKeystoreKit'; 68e41f4b71Sopenharmony_ci 69e41f4b71Sopenharmony_cilet aesKeyAlias = 'test_aesKeyAlias'; 70e41f4b71Sopenharmony_cilet handle: number; 71e41f4b71Sopenharmony_cilet plainText = '123456'; 72e41f4b71Sopenharmony_cilet IV = '001122334455'; 73e41f4b71Sopenharmony_cilet cipherData: Uint8Array; 74e41f4b71Sopenharmony_ci 75e41f4b71Sopenharmony_cifunction StringToUint8Array(str: String) { 76e41f4b71Sopenharmony_ci let arr: number[] = new Array(); 77e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; ++i) { 78e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 79e41f4b71Sopenharmony_ci } 80e41f4b71Sopenharmony_ci return new Uint8Array(arr); 81e41f4b71Sopenharmony_ci} 82e41f4b71Sopenharmony_ci 83e41f4b71Sopenharmony_cifunction Uint8ArrayToString(fileData: Uint8Array) { 84e41f4b71Sopenharmony_ci let dataString = ''; 85e41f4b71Sopenharmony_ci for (let i = 0; i < fileData.length; i++) { 86e41f4b71Sopenharmony_ci dataString += String.fromCharCode(fileData[i]); 87e41f4b71Sopenharmony_ci } 88e41f4b71Sopenharmony_ci return dataString; 89e41f4b71Sopenharmony_ci} 90e41f4b71Sopenharmony_ci 91e41f4b71Sopenharmony_cifunction GetAesGenerateProperties() { 92e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 93e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 94e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_AES 95e41f4b71Sopenharmony_ci }, { 96e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 97e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 98e41f4b71Sopenharmony_ci }, { 99e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 100e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 101e41f4b71Sopenharmony_ci huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 102e41f4b71Sopenharmony_ci }]; 103e41f4b71Sopenharmony_ci return properties; 104e41f4b71Sopenharmony_ci} 105e41f4b71Sopenharmony_ci 106e41f4b71Sopenharmony_cifunction GetAesEncryptProperties() { 107e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 108e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 109e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_AES 110e41f4b71Sopenharmony_ci }, { 111e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 112e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 113e41f4b71Sopenharmony_ci }, { 114e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 115e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 116e41f4b71Sopenharmony_ci }, { 117e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 118e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 119e41f4b71Sopenharmony_ci }, { 120e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 121e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_CBC 122e41f4b71Sopenharmony_ci }, { 123e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_IV, 124e41f4b71Sopenharmony_ci value: StringToUint8Array(IV) 125e41f4b71Sopenharmony_ci }]; 126e41f4b71Sopenharmony_ci return properties; 127e41f4b71Sopenharmony_ci} 128e41f4b71Sopenharmony_ci 129e41f4b71Sopenharmony_cifunction GetAesDecryptProperties() { 130e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 131e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 132e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_AES 133e41f4b71Sopenharmony_ci }, { 134e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 135e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 136e41f4b71Sopenharmony_ci }, { 137e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 138e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 139e41f4b71Sopenharmony_ci }, { 140e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 141e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_PKCS7 142e41f4b71Sopenharmony_ci }, { 143e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 144e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_CBC 145e41f4b71Sopenharmony_ci }, { 146e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_IV, 147e41f4b71Sopenharmony_ci value: StringToUint8Array(IV) 148e41f4b71Sopenharmony_ci }]; 149e41f4b71Sopenharmony_ci return properties; 150e41f4b71Sopenharmony_ci} 151e41f4b71Sopenharmony_ci 152e41f4b71Sopenharmony_ciasync function GenerateAesKey() { 153e41f4b71Sopenharmony_ci /* 154e41f4b71Sopenharmony_ci * Simulate the key generation scenario. 155e41f4b71Sopenharmony_ci * 1. Set the key alias. 156e41f4b71Sopenharmony_ci */ 157e41f4b71Sopenharmony_ci /* 158e41f4b71Sopenharmony_ci * 2. Obtain the parameters for key generation. 159e41f4b71Sopenharmony_ci */ 160e41f4b71Sopenharmony_ci let genProperties = GetAesGenerateProperties(); 161e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 162e41f4b71Sopenharmony_ci properties: genProperties 163e41f4b71Sopenharmony_ci } 164e41f4b71Sopenharmony_ci /* 165e41f4b71Sopenharmony_ci * 3. Call generateKeyItem. 166e41f4b71Sopenharmony_ci */ 167e41f4b71Sopenharmony_ci await huks.generateKeyItem(aesKeyAlias, options) 168e41f4b71Sopenharmony_ci .then((data) => { 169e41f4b71Sopenharmony_ci console.info(`promise: generate AES Key success, data = ${JSON.stringify(data)}`); 170e41f4b71Sopenharmony_ci }).catch((error: Error) => { 171e41f4b71Sopenharmony_ci console.error(`promise: generate AES Key failed, ${JSON.stringify(error)}`); 172e41f4b71Sopenharmony_ci }) 173e41f4b71Sopenharmony_ci} 174e41f4b71Sopenharmony_ci 175e41f4b71Sopenharmony_ciasync function EncryptData() { 176e41f4b71Sopenharmony_ci /* 177e41f4b71Sopenharmony_ci * Simulate the encryption scenario. 178e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 179e41f4b71Sopenharmony_ci */ 180e41f4b71Sopenharmony_ci /* 181e41f4b71Sopenharmony_ci * 2. Obtain the data to be encrypted. 182e41f4b71Sopenharmony_ci */ 183e41f4b71Sopenharmony_ci /* 184e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for encryption. 185e41f4b71Sopenharmony_ci */ 186e41f4b71Sopenharmony_ci let encryptProperties = GetAesEncryptProperties(); 187e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 188e41f4b71Sopenharmony_ci properties: encryptProperties, 189e41f4b71Sopenharmony_ci inData: StringToUint8Array(plainText) 190e41f4b71Sopenharmony_ci } 191e41f4b71Sopenharmony_ci /* 192e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 193e41f4b71Sopenharmony_ci */ 194e41f4b71Sopenharmony_ci await huks.initSession(aesKeyAlias, options) 195e41f4b71Sopenharmony_ci .then((data) => { 196e41f4b71Sopenharmony_ci handle = data.handle; 197e41f4b71Sopenharmony_ci }).catch((error: Error) => { 198e41f4b71Sopenharmony_ci console.error(`promise: init EncryptData failed, ${JSON.stringify(error)}`); 199e41f4b71Sopenharmony_ci }) 200e41f4b71Sopenharmony_ci /* 201e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the ciphertext. 202e41f4b71Sopenharmony_ci */ 203e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 204e41f4b71Sopenharmony_ci .then((data) => { 205e41f4b71Sopenharmony_ci console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 206e41f4b71Sopenharmony_ci cipherData = data.outData as Uint8Array; 207e41f4b71Sopenharmony_ci }).catch((error: Error) => { 208e41f4b71Sopenharmony_ci console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 209e41f4b71Sopenharmony_ci }) 210e41f4b71Sopenharmony_ci} 211e41f4b71Sopenharmony_ci 212e41f4b71Sopenharmony_ciasync function DecryptData() { 213e41f4b71Sopenharmony_ci /* 214e41f4b71Sopenharmony_ci * Simulate the decryption scenario. 215e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 216e41f4b71Sopenharmony_ci */ 217e41f4b71Sopenharmony_ci /* 218e41f4b71Sopenharmony_ci * 2. Obtain the ciphertext to be decrypted. 219e41f4b71Sopenharmony_ci */ 220e41f4b71Sopenharmony_ci /* 221e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for decryption. 222e41f4b71Sopenharmony_ci */ 223e41f4b71Sopenharmony_ci let decryptOptions = GetAesDecryptProperties() 224e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 225e41f4b71Sopenharmony_ci properties: decryptOptions, 226e41f4b71Sopenharmony_ci inData: cipherData 227e41f4b71Sopenharmony_ci } 228e41f4b71Sopenharmony_ci /* 229e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 230e41f4b71Sopenharmony_ci */ 231e41f4b71Sopenharmony_ci await huks.initSession(aesKeyAlias, options) 232e41f4b71Sopenharmony_ci .then((data) => { 233e41f4b71Sopenharmony_ci handle = data.handle; 234e41f4b71Sopenharmony_ci }).catch((error: Error) => { 235e41f4b71Sopenharmony_ci console.error(`promise: init DecryptData failed, ${JSON.stringify(error)}`); 236e41f4b71Sopenharmony_ci }) 237e41f4b71Sopenharmony_ci /* 238e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the decrypted data. 239e41f4b71Sopenharmony_ci */ 240e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 241e41f4b71Sopenharmony_ci .then((data) => { 242e41f4b71Sopenharmony_ci console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 243e41f4b71Sopenharmony_ci }).catch((error: Error) => { 244e41f4b71Sopenharmony_ci console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 245e41f4b71Sopenharmony_ci }) 246e41f4b71Sopenharmony_ci} 247e41f4b71Sopenharmony_ci 248e41f4b71Sopenharmony_ciasync function DeleteKey() { 249e41f4b71Sopenharmony_ci /* 250e41f4b71Sopenharmony_ci * Simulate the key deletion scenario. 251e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 252e41f4b71Sopenharmony_ci */ 253e41f4b71Sopenharmony_ci let emptyOptions: huks.HuksOptions = { 254e41f4b71Sopenharmony_ci properties: [] 255e41f4b71Sopenharmony_ci } 256e41f4b71Sopenharmony_ci /* 257e41f4b71Sopenharmony_ci * 2. Call deleteKeyItem to delete the key. 258e41f4b71Sopenharmony_ci */ 259e41f4b71Sopenharmony_ci await huks.deleteKeyItem(aesKeyAlias, emptyOptions) 260e41f4b71Sopenharmony_ci .then((data) => { 261e41f4b71Sopenharmony_ci console.info(`promise: delete data success`); 262e41f4b71Sopenharmony_ci }).catch((error: Error) => { 263e41f4b71Sopenharmony_ci console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 264e41f4b71Sopenharmony_ci }) 265e41f4b71Sopenharmony_ci} 266e41f4b71Sopenharmony_ci``` 267e41f4b71Sopenharmony_ci 268e41f4b71Sopenharmony_ci### AES/GCM/NoPadding 269e41f4b71Sopenharmony_ci 270e41f4b71Sopenharmony_ci```ts 271e41f4b71Sopenharmony_ci/* 272e41f4b71Sopenharmony_ci * The following uses AES/GCM/NoPadding with promise-based APIs. 273e41f4b71Sopenharmony_ci */ 274e41f4b71Sopenharmony_ciimport { huks } from '@kit.UniversalKeystoreKit'; 275e41f4b71Sopenharmony_ci 276e41f4b71Sopenharmony_cilet aesKeyAlias = 'test_aesKeyAlias'; 277e41f4b71Sopenharmony_cilet handle: number; 278e41f4b71Sopenharmony_cilet plainText = '123456'; 279e41f4b71Sopenharmony_cilet cipherData: Uint8Array; 280e41f4b71Sopenharmony_cilet AAD = '1234567890123456'; 281e41f4b71Sopenharmony_cilet NONCE = '001122334455'; 282e41f4b71Sopenharmony_ci 283e41f4b71Sopenharmony_cifunction StringToUint8Array(str: String) { 284e41f4b71Sopenharmony_ci let arr: number[] = new Array(); 285e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; ++i) { 286e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 287e41f4b71Sopenharmony_ci } 288e41f4b71Sopenharmony_ci return new Uint8Array(arr); 289e41f4b71Sopenharmony_ci} 290e41f4b71Sopenharmony_ci 291e41f4b71Sopenharmony_cifunction Uint8ArrayToString(fileData: Uint8Array) { 292e41f4b71Sopenharmony_ci let dataString = ''; 293e41f4b71Sopenharmony_ci for (let i = 0; i < fileData.length; i++) { 294e41f4b71Sopenharmony_ci dataString += String.fromCharCode(fileData[i]); 295e41f4b71Sopenharmony_ci } 296e41f4b71Sopenharmony_ci return dataString; 297e41f4b71Sopenharmony_ci} 298e41f4b71Sopenharmony_ci 299e41f4b71Sopenharmony_cifunction GetAesGenerateProperties() { 300e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 301e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 302e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_AES 303e41f4b71Sopenharmony_ci }, { 304e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 305e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 306e41f4b71Sopenharmony_ci }, { 307e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 308e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 309e41f4b71Sopenharmony_ci huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 310e41f4b71Sopenharmony_ci }]; 311e41f4b71Sopenharmony_ci return properties; 312e41f4b71Sopenharmony_ci} 313e41f4b71Sopenharmony_ci 314e41f4b71Sopenharmony_cifunction GetAesGcmEncryptProperties() { 315e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 316e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 317e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_AES 318e41f4b71Sopenharmony_ci }, { 319e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 320e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 321e41f4b71Sopenharmony_ci }, { 322e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 323e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 324e41f4b71Sopenharmony_ci }, { 325e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 326e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_NONE 327e41f4b71Sopenharmony_ci }, { 328e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 329e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_GCM 330e41f4b71Sopenharmony_ci }, { 331e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_NONCE, 332e41f4b71Sopenharmony_ci value: StringToUint8Array(NONCE) 333e41f4b71Sopenharmony_ci }, { 334e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 335e41f4b71Sopenharmony_ci value: StringToUint8Array(AAD) 336e41f4b71Sopenharmony_ci }]; 337e41f4b71Sopenharmony_ci return properties; 338e41f4b71Sopenharmony_ci} 339e41f4b71Sopenharmony_ci 340e41f4b71Sopenharmony_cifunction GetAesGcmDecryptProperties(cipherData:Uint8Array) { 341e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [ 342e41f4b71Sopenharmony_ci { 343e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 344e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_AES 345e41f4b71Sopenharmony_ci }, { 346e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 347e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_AES_KEY_SIZE_128 348e41f4b71Sopenharmony_ci }, { 349e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 350e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 351e41f4b71Sopenharmony_ci }, { 352e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 353e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_NONE 354e41f4b71Sopenharmony_ci }, { 355e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 356e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_GCM 357e41f4b71Sopenharmony_ci }, { 358e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_NONCE, 359e41f4b71Sopenharmony_ci value: StringToUint8Array(NONCE) 360e41f4b71Sopenharmony_ci }, { 361e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ASSOCIATED_DATA, 362e41f4b71Sopenharmony_ci value: StringToUint8Array(AAD) 363e41f4b71Sopenharmony_ci }, { 364e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_AE_TAG, 365e41f4b71Sopenharmony_ci value: cipherData.slice(cipherData.length-16) 366e41f4b71Sopenharmony_ci }]; 367e41f4b71Sopenharmony_ci return properties; 368e41f4b71Sopenharmony_ci} 369e41f4b71Sopenharmony_ci 370e41f4b71Sopenharmony_ciasync function GenerateAesKey() { 371e41f4b71Sopenharmony_ci /* 372e41f4b71Sopenharmony_ci * Simulate the key generation scenario. 373e41f4b71Sopenharmony_ci * 1. Set the key alias. 374e41f4b71Sopenharmony_ci */ 375e41f4b71Sopenharmony_ci /* 376e41f4b71Sopenharmony_ci * 2. Obtain the parameters for key generation. 377e41f4b71Sopenharmony_ci */ 378e41f4b71Sopenharmony_ci let genProperties = GetAesGenerateProperties(); 379e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 380e41f4b71Sopenharmony_ci properties: genProperties 381e41f4b71Sopenharmony_ci } 382e41f4b71Sopenharmony_ci /* 383e41f4b71Sopenharmony_ci * 3. Call generateKeyItem. 384e41f4b71Sopenharmony_ci */ 385e41f4b71Sopenharmony_ci await huks.generateKeyItem(aesKeyAlias, options) 386e41f4b71Sopenharmony_ci .then((data) => { 387e41f4b71Sopenharmony_ci console.info(`promise: generate AES Key success, data = ${JSON.stringify(data)}`); 388e41f4b71Sopenharmony_ci }).catch((error: Error) => { 389e41f4b71Sopenharmony_ci console.error(`promise: generate AES Key failed, ${JSON.stringify(error)}`); 390e41f4b71Sopenharmony_ci }) 391e41f4b71Sopenharmony_ci} 392e41f4b71Sopenharmony_ci 393e41f4b71Sopenharmony_ciasync function EncryptData() { 394e41f4b71Sopenharmony_ci /* 395e41f4b71Sopenharmony_ci * Simulate the encryption scenario. 396e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 397e41f4b71Sopenharmony_ci */ 398e41f4b71Sopenharmony_ci /* 399e41f4b71Sopenharmony_ci * 2. Obtain the data to be encrypted. 400e41f4b71Sopenharmony_ci */ 401e41f4b71Sopenharmony_ci /* 402e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for encryption. 403e41f4b71Sopenharmony_ci */ 404e41f4b71Sopenharmony_ci let encryptProperties = GetAesGcmEncryptProperties(); 405e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 406e41f4b71Sopenharmony_ci properties: encryptProperties, 407e41f4b71Sopenharmony_ci inData: StringToUint8Array(plainText) 408e41f4b71Sopenharmony_ci } 409e41f4b71Sopenharmony_ci /* 410e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 411e41f4b71Sopenharmony_ci */ 412e41f4b71Sopenharmony_ci await huks.initSession(aesKeyAlias, options) 413e41f4b71Sopenharmony_ci .then((data) => { 414e41f4b71Sopenharmony_ci handle = data.handle; 415e41f4b71Sopenharmony_ci }).catch((error: Error) => { 416e41f4b71Sopenharmony_ci console.error(`promise: init EncryptDataGcm failed, ${JSON.stringify(error)}`); 417e41f4b71Sopenharmony_ci }) 418e41f4b71Sopenharmony_ci /* 419e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the ciphertext. 420e41f4b71Sopenharmony_ci */ 421e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 422e41f4b71Sopenharmony_ci .then((data) => { 423e41f4b71Sopenharmony_ci console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 424e41f4b71Sopenharmony_ci cipherData = data.outData as Uint8Array; 425e41f4b71Sopenharmony_ci }).catch((error: Error) => { 426e41f4b71Sopenharmony_ci console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 427e41f4b71Sopenharmony_ci }) 428e41f4b71Sopenharmony_ci} 429e41f4b71Sopenharmony_ci 430e41f4b71Sopenharmony_ciasync function DecryptData() { 431e41f4b71Sopenharmony_ci /* 432e41f4b71Sopenharmony_ci * Simulate the decryption scenario. 433e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 434e41f4b71Sopenharmony_ci */ 435e41f4b71Sopenharmony_ci /* 436e41f4b71Sopenharmony_ci * 2. Obtain the ciphertext to be decrypted. 437e41f4b71Sopenharmony_ci */ 438e41f4b71Sopenharmony_ci /* 439e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for decryption. 440e41f4b71Sopenharmony_ci */ 441e41f4b71Sopenharmony_ci let decryptOptions = GetAesGcmDecryptProperties(cipherData) 442e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 443e41f4b71Sopenharmony_ci properties: decryptOptions, 444e41f4b71Sopenharmony_ci inData: cipherData.slice(0, cipherData.length-16) 445e41f4b71Sopenharmony_ci } 446e41f4b71Sopenharmony_ci /* 447e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 448e41f4b71Sopenharmony_ci */ 449e41f4b71Sopenharmony_ci await huks.initSession(aesKeyAlias, options) 450e41f4b71Sopenharmony_ci .then((data) => { 451e41f4b71Sopenharmony_ci handle = data.handle; 452e41f4b71Sopenharmony_ci }).catch((error: Error) => { 453e41f4b71Sopenharmony_ci console.error(`promise: init DecryptDataGcm failed, ${JSON.stringify(error)}`); 454e41f4b71Sopenharmony_ci }) 455e41f4b71Sopenharmony_ci /* 456e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the decrypted data. 457e41f4b71Sopenharmony_ci */ 458e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 459e41f4b71Sopenharmony_ci .then((data) => { 460e41f4b71Sopenharmony_ci console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 461e41f4b71Sopenharmony_ci }).catch((error: Error) => { 462e41f4b71Sopenharmony_ci console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 463e41f4b71Sopenharmony_ci }) 464e41f4b71Sopenharmony_ci} 465e41f4b71Sopenharmony_ci 466e41f4b71Sopenharmony_ciasync function DeleteKey() { 467e41f4b71Sopenharmony_ci /* 468e41f4b71Sopenharmony_ci * Simulate the key deletion scenario. 469e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 470e41f4b71Sopenharmony_ci */ 471e41f4b71Sopenharmony_ci let emptyOptions: huks.HuksOptions = { 472e41f4b71Sopenharmony_ci properties: [] 473e41f4b71Sopenharmony_ci } 474e41f4b71Sopenharmony_ci /* 475e41f4b71Sopenharmony_ci * 2. Call deleteKeyItem to delete the key. 476e41f4b71Sopenharmony_ci */ 477e41f4b71Sopenharmony_ci await huks.deleteKeyItem(aesKeyAlias, emptyOptions) 478e41f4b71Sopenharmony_ci .then((data) => { 479e41f4b71Sopenharmony_ci console.info(`promise: delete data success`); 480e41f4b71Sopenharmony_ci }).catch((error: Error) => { 481e41f4b71Sopenharmony_ci console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 482e41f4b71Sopenharmony_ci }) 483e41f4b71Sopenharmony_ci} 484e41f4b71Sopenharmony_ci``` 485e41f4b71Sopenharmony_ci 486e41f4b71Sopenharmony_ci### RSA/ECB/PKCS1_V1_5 487e41f4b71Sopenharmony_ci 488e41f4b71Sopenharmony_ci``` 489e41f4b71Sopenharmony_ci/* 490e41f4b71Sopenharmony_ci * The following uses RSA/ECB/PKCS1_V1_5 with promise-based APIs. 491e41f4b71Sopenharmony_ci */ 492e41f4b71Sopenharmony_ciimport { huks } from '@kit.UniversalKeystoreKit'; 493e41f4b71Sopenharmony_ci 494e41f4b71Sopenharmony_cilet rsaKeyAlias = 'test_rsaKeyAlias'; 495e41f4b71Sopenharmony_cilet handle: number; 496e41f4b71Sopenharmony_cilet plainText = '123456'; 497e41f4b71Sopenharmony_cilet cipherData: Uint8Array; 498e41f4b71Sopenharmony_ci 499e41f4b71Sopenharmony_cifunction StringToUint8Array(str: String) { 500e41f4b71Sopenharmony_ci let arr: number[] = new Array(); 501e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; ++i) { 502e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 503e41f4b71Sopenharmony_ci } 504e41f4b71Sopenharmony_ci return new Uint8Array(arr); 505e41f4b71Sopenharmony_ci} 506e41f4b71Sopenharmony_ci 507e41f4b71Sopenharmony_cifunction Uint8ArrayToString(fileData: Uint8Array) { 508e41f4b71Sopenharmony_ci let dataString = ''; 509e41f4b71Sopenharmony_ci for (let i = 0; i < fileData.length; i++) { 510e41f4b71Sopenharmony_ci dataString += String.fromCharCode(fileData[i]); 511e41f4b71Sopenharmony_ci } 512e41f4b71Sopenharmony_ci return dataString; 513e41f4b71Sopenharmony_ci} 514e41f4b71Sopenharmony_ci 515e41f4b71Sopenharmony_cifunction GetRsaGenerateProperties() { 516e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 517e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 518e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_RSA 519e41f4b71Sopenharmony_ci }, { 520e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 521e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 522e41f4b71Sopenharmony_ci }, { 523e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 524e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 525e41f4b71Sopenharmony_ci huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 526e41f4b71Sopenharmony_ci }]; 527e41f4b71Sopenharmony_ci return properties; 528e41f4b71Sopenharmony_ci} 529e41f4b71Sopenharmony_ci 530e41f4b71Sopenharmony_cifunction GetRsaEncryptProperties() { 531e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 532e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 533e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_RSA 534e41f4b71Sopenharmony_ci }, { 535e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 536e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 537e41f4b71Sopenharmony_ci }, { 538e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 539e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 540e41f4b71Sopenharmony_ci }, { 541e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 542e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 543e41f4b71Sopenharmony_ci }, { 544e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 545e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_ECB 546e41f4b71Sopenharmony_ci }, { 547e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_DIGEST, 548e41f4b71Sopenharmony_ci value: huks.HuksKeyDigest.HUKS_DIGEST_NONE 549e41f4b71Sopenharmony_ci }]; 550e41f4b71Sopenharmony_ci return properties; 551e41f4b71Sopenharmony_ci} 552e41f4b71Sopenharmony_ci 553e41f4b71Sopenharmony_cifunction GetRsaDecryptProperties() { 554e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 555e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 556e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_RSA 557e41f4b71Sopenharmony_ci }, { 558e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 559e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 560e41f4b71Sopenharmony_ci }, { 561e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 562e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 563e41f4b71Sopenharmony_ci }, { 564e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 565e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_PKCS1_V1_5 566e41f4b71Sopenharmony_ci }, { 567e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 568e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_ECB 569e41f4b71Sopenharmony_ci }, { 570e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_DIGEST, 571e41f4b71Sopenharmony_ci value: huks.HuksKeyDigest.HUKS_DIGEST_NONE 572e41f4b71Sopenharmony_ci }]; 573e41f4b71Sopenharmony_ci return properties; 574e41f4b71Sopenharmony_ci} 575e41f4b71Sopenharmony_ci 576e41f4b71Sopenharmony_ciasync function GenerateRsaKey() { 577e41f4b71Sopenharmony_ci /* 578e41f4b71Sopenharmony_ci * Simulate the key generation scenario. 579e41f4b71Sopenharmony_ci * 1. Set the key alias. 580e41f4b71Sopenharmony_ci */ 581e41f4b71Sopenharmony_ci /* 582e41f4b71Sopenharmony_ci * 2. Obtain the parameters for key generation. 583e41f4b71Sopenharmony_ci */ 584e41f4b71Sopenharmony_ci let genProperties = GetRsaGenerateProperties(); 585e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 586e41f4b71Sopenharmony_ci properties: genProperties 587e41f4b71Sopenharmony_ci } 588e41f4b71Sopenharmony_ci /* 589e41f4b71Sopenharmony_ci * 3. Call generateKeyItem. 590e41f4b71Sopenharmony_ci */ 591e41f4b71Sopenharmony_ci await huks.generateKeyItem(rsaKeyAlias, options) 592e41f4b71Sopenharmony_ci .then((data) => { 593e41f4b71Sopenharmony_ci console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 594e41f4b71Sopenharmony_ci }).catch((error: Error) => { 595e41f4b71Sopenharmony_ci console.error(`promise: generate RSA Key failed, ${JSON.stringify(error)}`); 596e41f4b71Sopenharmony_ci }) 597e41f4b71Sopenharmony_ci} 598e41f4b71Sopenharmony_ci 599e41f4b71Sopenharmony_ciasync function EncryptData() { 600e41f4b71Sopenharmony_ci /* 601e41f4b71Sopenharmony_ci * Simulate the encryption scenario. 602e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 603e41f4b71Sopenharmony_ci */ 604e41f4b71Sopenharmony_ci /* 605e41f4b71Sopenharmony_ci * 2. Obtain the data to be encrypted. 606e41f4b71Sopenharmony_ci */ 607e41f4b71Sopenharmony_ci /* 608e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for encryption. 609e41f4b71Sopenharmony_ci */ 610e41f4b71Sopenharmony_ci let encryptProperties = GetRsaEncryptProperties(); 611e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 612e41f4b71Sopenharmony_ci properties: encryptProperties, 613e41f4b71Sopenharmony_ci inData: StringToUint8Array(plainText) 614e41f4b71Sopenharmony_ci } 615e41f4b71Sopenharmony_ci /* 616e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 617e41f4b71Sopenharmony_ci */ 618e41f4b71Sopenharmony_ci await huks.initSession(rsaKeyAlias, options) 619e41f4b71Sopenharmony_ci .then((data) => { 620e41f4b71Sopenharmony_ci handle = data.handle; 621e41f4b71Sopenharmony_ci }).catch((error: Error) => { 622e41f4b71Sopenharmony_ci console.error(`promise: init EncryptDataRsa failed, ${JSON.stringify(error)}`); 623e41f4b71Sopenharmony_ci }) 624e41f4b71Sopenharmony_ci /* 625e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the ciphertext. 626e41f4b71Sopenharmony_ci */ 627e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 628e41f4b71Sopenharmony_ci .then((data) => { 629e41f4b71Sopenharmony_ci console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 630e41f4b71Sopenharmony_ci cipherData = data.outData as Uint8Array; 631e41f4b71Sopenharmony_ci }).catch((error: Error) => { 632e41f4b71Sopenharmony_ci console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 633e41f4b71Sopenharmony_ci }) 634e41f4b71Sopenharmony_ci} 635e41f4b71Sopenharmony_ci 636e41f4b71Sopenharmony_ciasync function DecryptData() { 637e41f4b71Sopenharmony_ci /* 638e41f4b71Sopenharmony_ci * Simulate the decryption scenario. 639e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 640e41f4b71Sopenharmony_ci */ 641e41f4b71Sopenharmony_ci /* 642e41f4b71Sopenharmony_ci * 2. Obtain the ciphertext to be decrypted. 643e41f4b71Sopenharmony_ci */ 644e41f4b71Sopenharmony_ci /* 645e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for decryption. 646e41f4b71Sopenharmony_ci */ 647e41f4b71Sopenharmony_ci let decryptOptions = GetRsaDecryptProperties() 648e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 649e41f4b71Sopenharmony_ci properties: decryptOptions, 650e41f4b71Sopenharmony_ci inData: cipherData 651e41f4b71Sopenharmony_ci } 652e41f4b71Sopenharmony_ci /* 653e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 654e41f4b71Sopenharmony_ci */ 655e41f4b71Sopenharmony_ci await huks.initSession(rsaKeyAlias, options) 656e41f4b71Sopenharmony_ci .then((data) => { 657e41f4b71Sopenharmony_ci handle = data.handle; 658e41f4b71Sopenharmony_ci }).catch((error: Error) => { 659e41f4b71Sopenharmony_ci console.error(`promise: init DecryptDataRsa failed, ${JSON.stringify(error)}`); 660e41f4b71Sopenharmony_ci }) 661e41f4b71Sopenharmony_ci /* 662e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the decrypted data. 663e41f4b71Sopenharmony_ci */ 664e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 665e41f4b71Sopenharmony_ci .then((data) => { 666e41f4b71Sopenharmony_ci console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 667e41f4b71Sopenharmony_ci }).catch((error: Error) => { 668e41f4b71Sopenharmony_ci console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 669e41f4b71Sopenharmony_ci }) 670e41f4b71Sopenharmony_ci} 671e41f4b71Sopenharmony_ci 672e41f4b71Sopenharmony_ciasync function DeleteKey() { 673e41f4b71Sopenharmony_ci /* 674e41f4b71Sopenharmony_ci * Simulate the key deletion scenario. 675e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 676e41f4b71Sopenharmony_ci */ 677e41f4b71Sopenharmony_ci let emptyOptions: huks.HuksOptions = { 678e41f4b71Sopenharmony_ci properties: [] 679e41f4b71Sopenharmony_ci } 680e41f4b71Sopenharmony_ci /* 681e41f4b71Sopenharmony_ci * 2. Call deleteKeyItem to delete the key. 682e41f4b71Sopenharmony_ci */ 683e41f4b71Sopenharmony_ci await huks.deleteKeyItem(rsaKeyAlias, emptyOptions) 684e41f4b71Sopenharmony_ci .then((data) => { 685e41f4b71Sopenharmony_ci console.info(`promise: delete data success`); 686e41f4b71Sopenharmony_ci }).catch((error: Error) => { 687e41f4b71Sopenharmony_ci console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 688e41f4b71Sopenharmony_ci }) 689e41f4b71Sopenharmony_ci} 690e41f4b71Sopenharmony_ci``` 691e41f4b71Sopenharmony_ci 692e41f4b71Sopenharmony_ci### RSA/ECB/OAEP/SHA256 693e41f4b71Sopenharmony_ci 694e41f4b71Sopenharmony_ci``` 695e41f4b71Sopenharmony_ci/* 696e41f4b71Sopenharmony_ci * The following uses RSA/ECB/OAEP/SHA256 with promise-based APIs. 697e41f4b71Sopenharmony_ci */ 698e41f4b71Sopenharmony_ciimport { huks } from '@kit.UniversalKeystoreKit'; 699e41f4b71Sopenharmony_ci 700e41f4b71Sopenharmony_cilet rsaKeyAlias = 'test_rsaKeyAlias'; 701e41f4b71Sopenharmony_cilet handle: number; 702e41f4b71Sopenharmony_cilet plainText = '123456'; 703e41f4b71Sopenharmony_cilet cipherData: Uint8Array; 704e41f4b71Sopenharmony_ci 705e41f4b71Sopenharmony_cifunction StringToUint8Array(str: String) { 706e41f4b71Sopenharmony_ci let arr: number[] = new Array(); 707e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; ++i) { 708e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 709e41f4b71Sopenharmony_ci } 710e41f4b71Sopenharmony_ci return new Uint8Array(arr); 711e41f4b71Sopenharmony_ci} 712e41f4b71Sopenharmony_ci 713e41f4b71Sopenharmony_cifunction Uint8ArrayToString(fileData: Uint8Array) { 714e41f4b71Sopenharmony_ci let dataString = ''; 715e41f4b71Sopenharmony_ci for (let i = 0; i < fileData.length; i++) { 716e41f4b71Sopenharmony_ci dataString += String.fromCharCode(fileData[i]); 717e41f4b71Sopenharmony_ci } 718e41f4b71Sopenharmony_ci return dataString; 719e41f4b71Sopenharmony_ci} 720e41f4b71Sopenharmony_ci 721e41f4b71Sopenharmony_cifunction GetRsaGenerateProperties() { 722e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 723e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 724e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_RSA 725e41f4b71Sopenharmony_ci }, { 726e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 727e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 728e41f4b71Sopenharmony_ci }, { 729e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 730e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 731e41f4b71Sopenharmony_ci huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 732e41f4b71Sopenharmony_ci }]; 733e41f4b71Sopenharmony_ci return properties; 734e41f4b71Sopenharmony_ci} 735e41f4b71Sopenharmony_ci 736e41f4b71Sopenharmony_cifunction GetRsaEncryptProperties() { 737e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 738e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 739e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_RSA 740e41f4b71Sopenharmony_ci }, { 741e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 742e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 743e41f4b71Sopenharmony_ci }, { 744e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 745e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 746e41f4b71Sopenharmony_ci }, { 747e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 748e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 749e41f4b71Sopenharmony_ci }, { 750e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 751e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_ECB 752e41f4b71Sopenharmony_ci }, { 753e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_DIGEST, 754e41f4b71Sopenharmony_ci value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 755e41f4b71Sopenharmony_ci }]; 756e41f4b71Sopenharmony_ci return properties; 757e41f4b71Sopenharmony_ci} 758e41f4b71Sopenharmony_ci 759e41f4b71Sopenharmony_cifunction GetRsaDecryptProperties() { 760e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 761e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 762e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_RSA 763e41f4b71Sopenharmony_ci }, { 764e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 765e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_RSA_KEY_SIZE_2048 766e41f4b71Sopenharmony_ci }, { 767e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 768e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 769e41f4b71Sopenharmony_ci }, { 770e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PADDING, 771e41f4b71Sopenharmony_ci value: huks.HuksKeyPadding.HUKS_PADDING_OAEP 772e41f4b71Sopenharmony_ci }, { 773e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_BLOCK_MODE, 774e41f4b71Sopenharmony_ci value: huks.HuksCipherMode.HUKS_MODE_ECB 775e41f4b71Sopenharmony_ci }, { 776e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_DIGEST, 777e41f4b71Sopenharmony_ci value: huks.HuksKeyDigest.HUKS_DIGEST_SHA256 778e41f4b71Sopenharmony_ci }]; 779e41f4b71Sopenharmony_ci return properties; 780e41f4b71Sopenharmony_ci} 781e41f4b71Sopenharmony_ci 782e41f4b71Sopenharmony_ciasync function GenerateRsaKey() { 783e41f4b71Sopenharmony_ci /* 784e41f4b71Sopenharmony_ci * Simulate the key generation scenario. 785e41f4b71Sopenharmony_ci * 1. Set the key alias. 786e41f4b71Sopenharmony_ci */ 787e41f4b71Sopenharmony_ci /* 788e41f4b71Sopenharmony_ci * 2. Obtain the parameters for key generation. 789e41f4b71Sopenharmony_ci */ 790e41f4b71Sopenharmony_ci let genProperties = GetRsaGenerateProperties(); 791e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 792e41f4b71Sopenharmony_ci properties: genProperties 793e41f4b71Sopenharmony_ci } 794e41f4b71Sopenharmony_ci /* 795e41f4b71Sopenharmony_ci * 3. Call generateKeyItem. 796e41f4b71Sopenharmony_ci */ 797e41f4b71Sopenharmony_ci await huks.generateKeyItem(rsaKeyAlias, options) 798e41f4b71Sopenharmony_ci .then((data) => { 799e41f4b71Sopenharmony_ci console.info(`promise: generate RSA Key success, data = ${JSON.stringify(data)}`); 800e41f4b71Sopenharmony_ci }).catch((error: Error) => { 801e41f4b71Sopenharmony_ci console.error(`promise: generate RSA Key failed, ${JSON.stringify(error)}`); 802e41f4b71Sopenharmony_ci }) 803e41f4b71Sopenharmony_ci} 804e41f4b71Sopenharmony_ci 805e41f4b71Sopenharmony_ciasync function EncryptData() { 806e41f4b71Sopenharmony_ci /* 807e41f4b71Sopenharmony_ci * Simulate the encryption scenario. 808e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 809e41f4b71Sopenharmony_ci */ 810e41f4b71Sopenharmony_ci /* 811e41f4b71Sopenharmony_ci * 2. Obtain the data to be encrypted. 812e41f4b71Sopenharmony_ci */ 813e41f4b71Sopenharmony_ci /* 814e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for encryption. 815e41f4b71Sopenharmony_ci */ 816e41f4b71Sopenharmony_ci let encryptProperties = GetRsaEncryptProperties(); 817e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 818e41f4b71Sopenharmony_ci properties: encryptProperties, 819e41f4b71Sopenharmony_ci inData: StringToUint8Array(plainText) 820e41f4b71Sopenharmony_ci } 821e41f4b71Sopenharmony_ci /* 822e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 823e41f4b71Sopenharmony_ci */ 824e41f4b71Sopenharmony_ci await huks.initSession(rsaKeyAlias, options) 825e41f4b71Sopenharmony_ci .then((data) => { 826e41f4b71Sopenharmony_ci handle = data.handle; 827e41f4b71Sopenharmony_ci }).catch((error: Error) => { 828e41f4b71Sopenharmony_ci console.error(`promise: init EncryptDataRsa failed, ${JSON.stringify(error)}`); 829e41f4b71Sopenharmony_ci }) 830e41f4b71Sopenharmony_ci /* 831e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the ciphertext. 832e41f4b71Sopenharmony_ci */ 833e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 834e41f4b71Sopenharmony_ci .then((data) => { 835e41f4b71Sopenharmony_ci console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 836e41f4b71Sopenharmony_ci cipherData = data.outData as Uint8Array; 837e41f4b71Sopenharmony_ci }).catch((error: Error) => { 838e41f4b71Sopenharmony_ci console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 839e41f4b71Sopenharmony_ci }) 840e41f4b71Sopenharmony_ci} 841e41f4b71Sopenharmony_ci 842e41f4b71Sopenharmony_ciasync function DecryptData() { 843e41f4b71Sopenharmony_ci /* 844e41f4b71Sopenharmony_ci * Simulate the decryption scenario. 845e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 846e41f4b71Sopenharmony_ci */ 847e41f4b71Sopenharmony_ci /* 848e41f4b71Sopenharmony_ci * 2. Obtain the ciphertext to be decrypted. 849e41f4b71Sopenharmony_ci */ 850e41f4b71Sopenharmony_ci /* 851e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for decryption. 852e41f4b71Sopenharmony_ci */ 853e41f4b71Sopenharmony_ci let decryptOptions = GetRsaDecryptProperties() 854e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 855e41f4b71Sopenharmony_ci properties: decryptOptions, 856e41f4b71Sopenharmony_ci inData: cipherData 857e41f4b71Sopenharmony_ci } 858e41f4b71Sopenharmony_ci /* 859e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 860e41f4b71Sopenharmony_ci */ 861e41f4b71Sopenharmony_ci await huks.initSession(rsaKeyAlias, options) 862e41f4b71Sopenharmony_ci .then((data) => { 863e41f4b71Sopenharmony_ci handle = data.handle; 864e41f4b71Sopenharmony_ci }).catch((error: Error) => { 865e41f4b71Sopenharmony_ci console.error(`promise: init DecryptDataRsa failed, ${JSON.stringify(error)}`); 866e41f4b71Sopenharmony_ci }) 867e41f4b71Sopenharmony_ci /* 868e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the decrypted data. 869e41f4b71Sopenharmony_ci */ 870e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 871e41f4b71Sopenharmony_ci .then((data) => { 872e41f4b71Sopenharmony_ci console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 873e41f4b71Sopenharmony_ci }).catch((error: Error) => { 874e41f4b71Sopenharmony_ci console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 875e41f4b71Sopenharmony_ci }) 876e41f4b71Sopenharmony_ci} 877e41f4b71Sopenharmony_ci 878e41f4b71Sopenharmony_ciasync function DeleteKey() { 879e41f4b71Sopenharmony_ci /* 880e41f4b71Sopenharmony_ci * Simulate the key deletion scenario. 881e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 882e41f4b71Sopenharmony_ci */ 883e41f4b71Sopenharmony_ci let emptyOptions: huks.HuksOptions = { 884e41f4b71Sopenharmony_ci properties: [] 885e41f4b71Sopenharmony_ci } 886e41f4b71Sopenharmony_ci /* 887e41f4b71Sopenharmony_ci * 2. Call deleteKeyItem to delete the key. 888e41f4b71Sopenharmony_ci */ 889e41f4b71Sopenharmony_ci await huks.deleteKeyItem(rsaKeyAlias, emptyOptions) 890e41f4b71Sopenharmony_ci .then((data) => { 891e41f4b71Sopenharmony_ci console.info(`promise: delete data success`); 892e41f4b71Sopenharmony_ci }).catch((error: Error) => { 893e41f4b71Sopenharmony_ci console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 894e41f4b71Sopenharmony_ci }) 895e41f4b71Sopenharmony_ci} 896e41f4b71Sopenharmony_ci``` 897e41f4b71Sopenharmony_ci 898e41f4b71Sopenharmony_ci### SM2 899e41f4b71Sopenharmony_ci 900e41f4b71Sopenharmony_ci```ts 901e41f4b71Sopenharmony_ci/* 902e41f4b71Sopenharmony_ci * The following uses SM2 with promise-based APIs. 903e41f4b71Sopenharmony_ci */ 904e41f4b71Sopenharmony_ciimport { huks } from '@kit.UniversalKeystoreKit'; 905e41f4b71Sopenharmony_ci 906e41f4b71Sopenharmony_cilet sm2KeyAlias = 'test_sm2KeyAlias'; 907e41f4b71Sopenharmony_cilet handle: number; 908e41f4b71Sopenharmony_cilet plainText = '123456'; 909e41f4b71Sopenharmony_cilet cipherData: Uint8Array; 910e41f4b71Sopenharmony_ci 911e41f4b71Sopenharmony_cifunction StringToUint8Array(str: String) { 912e41f4b71Sopenharmony_ci let arr: number[] = new Array(); 913e41f4b71Sopenharmony_ci for (let i = 0, j = str.length; i < j; ++i) { 914e41f4b71Sopenharmony_ci arr.push(str.charCodeAt(i)); 915e41f4b71Sopenharmony_ci } 916e41f4b71Sopenharmony_ci return new Uint8Array(arr); 917e41f4b71Sopenharmony_ci} 918e41f4b71Sopenharmony_ci 919e41f4b71Sopenharmony_cifunction Uint8ArrayToString(fileData: Uint8Array) { 920e41f4b71Sopenharmony_ci let dataString = ''; 921e41f4b71Sopenharmony_ci for (let i = 0; i < fileData.length; i++) { 922e41f4b71Sopenharmony_ci dataString += String.fromCharCode(fileData[i]); 923e41f4b71Sopenharmony_ci } 924e41f4b71Sopenharmony_ci return dataString; 925e41f4b71Sopenharmony_ci} 926e41f4b71Sopenharmony_ci 927e41f4b71Sopenharmony_cifunction GetSm2GenerateProperties() { 928e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 929e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 930e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_SM2 931e41f4b71Sopenharmony_ci }, { 932e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 933e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 934e41f4b71Sopenharmony_ci }, { 935e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 936e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT | 937e41f4b71Sopenharmony_ci huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 938e41f4b71Sopenharmony_ci }]; 939e41f4b71Sopenharmony_ci return properties; 940e41f4b71Sopenharmony_ci} 941e41f4b71Sopenharmony_ci 942e41f4b71Sopenharmony_cifunction GetSm2EncryptProperties() { 943e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 944e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 945e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_SM2 946e41f4b71Sopenharmony_ci }, { 947e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 948e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 949e41f4b71Sopenharmony_ci }, { 950e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 951e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_ENCRYPT 952e41f4b71Sopenharmony_ci }, { 953e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_DIGEST, 954e41f4b71Sopenharmony_ci value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 955e41f4b71Sopenharmony_ci }]; 956e41f4b71Sopenharmony_ci return properties; 957e41f4b71Sopenharmony_ci} 958e41f4b71Sopenharmony_ci 959e41f4b71Sopenharmony_cifunction GetSm2DecryptProperties() { 960e41f4b71Sopenharmony_ci let properties: Array<huks.HuksParam> = [{ 961e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_ALGORITHM, 962e41f4b71Sopenharmony_ci value: huks.HuksKeyAlg.HUKS_ALG_SM2 963e41f4b71Sopenharmony_ci }, { 964e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_KEY_SIZE, 965e41f4b71Sopenharmony_ci value: huks.HuksKeySize.HUKS_SM2_KEY_SIZE_256 966e41f4b71Sopenharmony_ci }, { 967e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_PURPOSE, 968e41f4b71Sopenharmony_ci value: huks.HuksKeyPurpose.HUKS_KEY_PURPOSE_DECRYPT 969e41f4b71Sopenharmony_ci }, { 970e41f4b71Sopenharmony_ci tag: huks.HuksTag.HUKS_TAG_DIGEST, 971e41f4b71Sopenharmony_ci value: huks.HuksKeyDigest.HUKS_DIGEST_SM3 972e41f4b71Sopenharmony_ci }]; 973e41f4b71Sopenharmony_ci return properties; 974e41f4b71Sopenharmony_ci} 975e41f4b71Sopenharmony_ci 976e41f4b71Sopenharmony_ciasync function GenerateSm2Key() { 977e41f4b71Sopenharmony_ci /* 978e41f4b71Sopenharmony_ci * Simulate the key generation scenario. 979e41f4b71Sopenharmony_ci * 1. Set the key alias. 980e41f4b71Sopenharmony_ci */ 981e41f4b71Sopenharmony_ci /* 982e41f4b71Sopenharmony_ci * 2. Obtain the parameters for key generation. 983e41f4b71Sopenharmony_ci */ 984e41f4b71Sopenharmony_ci let genProperties = GetSm2GenerateProperties(); 985e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 986e41f4b71Sopenharmony_ci properties: genProperties 987e41f4b71Sopenharmony_ci } 988e41f4b71Sopenharmony_ci /* 989e41f4b71Sopenharmony_ci * 3. Call generateKeyItem. 990e41f4b71Sopenharmony_ci */ 991e41f4b71Sopenharmony_ci await huks.generateKeyItem(sm2KeyAlias, options) 992e41f4b71Sopenharmony_ci .then((data) => { 993e41f4b71Sopenharmony_ci console.info(`promise: generate SM2 Key success, data = ${JSON.stringify(data)}`); 994e41f4b71Sopenharmony_ci }).catch((error: Error) => { 995e41f4b71Sopenharmony_ci console.error(`promise: generate SM2 Key failed, ${JSON.stringify(error)}`); 996e41f4b71Sopenharmony_ci }) 997e41f4b71Sopenharmony_ci} 998e41f4b71Sopenharmony_ci 999e41f4b71Sopenharmony_ciasync function EncryptDataSm2() { 1000e41f4b71Sopenharmony_ci /* 1001e41f4b71Sopenharmony_ci * Simulate the encryption scenario. 1002e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 1003e41f4b71Sopenharmony_ci */ 1004e41f4b71Sopenharmony_ci /* 1005e41f4b71Sopenharmony_ci * 2. Obtain the data to be encrypted. 1006e41f4b71Sopenharmony_ci */ 1007e41f4b71Sopenharmony_ci /* 1008e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for encryption. 1009e41f4b71Sopenharmony_ci */ 1010e41f4b71Sopenharmony_ci let encryptProperties = GetSm2EncryptProperties(); 1011e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 1012e41f4b71Sopenharmony_ci properties: encryptProperties, 1013e41f4b71Sopenharmony_ci inData: StringToUint8Array(plainText) 1014e41f4b71Sopenharmony_ci } 1015e41f4b71Sopenharmony_ci /* 1016e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 1017e41f4b71Sopenharmony_ci */ 1018e41f4b71Sopenharmony_ci await huks.initSession(sm2KeyAlias, options) 1019e41f4b71Sopenharmony_ci .then((data) => { 1020e41f4b71Sopenharmony_ci handle = data.handle; 1021e41f4b71Sopenharmony_ci }).catch((error: Error) => { 1022e41f4b71Sopenharmony_ci console.error(`promise: init EncryptDataSm2 failed, ${JSON.stringify(error)}`); 1023e41f4b71Sopenharmony_ci }) 1024e41f4b71Sopenharmony_ci /* 1025e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the ciphertext. 1026e41f4b71Sopenharmony_ci */ 1027e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 1028e41f4b71Sopenharmony_ci .then((data) => { 1029e41f4b71Sopenharmony_ci console.info(`promise: encrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 1030e41f4b71Sopenharmony_ci cipherData = data.outData as Uint8Array; 1031e41f4b71Sopenharmony_ci }).catch((error: Error) => { 1032e41f4b71Sopenharmony_ci console.error(`promise: encrypt data failed, ${JSON.stringify(error)}`); 1033e41f4b71Sopenharmony_ci }) 1034e41f4b71Sopenharmony_ci} 1035e41f4b71Sopenharmony_ci 1036e41f4b71Sopenharmony_ciasync function DecryptDataSm2() { 1037e41f4b71Sopenharmony_ci /* 1038e41f4b71Sopenharmony_ci * Simulate the decryption scenario. 1039e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 1040e41f4b71Sopenharmony_ci */ 1041e41f4b71Sopenharmony_ci /* 1042e41f4b71Sopenharmony_ci * 2. Obtain the ciphertext to be decrypted. 1043e41f4b71Sopenharmony_ci */ 1044e41f4b71Sopenharmony_ci /* 1045e41f4b71Sopenharmony_ci * 3. Obtain the algorithm parameters for decryption. 1046e41f4b71Sopenharmony_ci */ 1047e41f4b71Sopenharmony_ci let decryptOptions = GetSm2DecryptProperties() 1048e41f4b71Sopenharmony_ci let options: huks.HuksOptions = { 1049e41f4b71Sopenharmony_ci properties: decryptOptions, 1050e41f4b71Sopenharmony_ci inData: cipherData 1051e41f4b71Sopenharmony_ci } 1052e41f4b71Sopenharmony_ci /* 1053e41f4b71Sopenharmony_ci * 4. Call initSession to obtain a session handle. 1054e41f4b71Sopenharmony_ci */ 1055e41f4b71Sopenharmony_ci await huks.initSession(sm2KeyAlias, options) 1056e41f4b71Sopenharmony_ci .then((data) => { 1057e41f4b71Sopenharmony_ci handle = data.handle; 1058e41f4b71Sopenharmony_ci }).catch((error: Error) => { 1059e41f4b71Sopenharmony_ci console.error(`promise: init DecryptDataSm2 failed, ${JSON.stringify(error)}`); 1060e41f4b71Sopenharmony_ci }) 1061e41f4b71Sopenharmony_ci /* 1062e41f4b71Sopenharmony_ci * 5. Call finishSession to obtain the decrypted data. 1063e41f4b71Sopenharmony_ci */ 1064e41f4b71Sopenharmony_ci await huks.finishSession(handle, options) 1065e41f4b71Sopenharmony_ci .then((data) => { 1066e41f4b71Sopenharmony_ci console.info(`promise: decrypt data success, data is ` + Uint8ArrayToString(data.outData as Uint8Array)); 1067e41f4b71Sopenharmony_ci }).catch((error: Error) => { 1068e41f4b71Sopenharmony_ci console.error(`promise: decrypt data failed, ${JSON.stringify(error)}`); 1069e41f4b71Sopenharmony_ci }) 1070e41f4b71Sopenharmony_ci} 1071e41f4b71Sopenharmony_ci 1072e41f4b71Sopenharmony_ciasync function DeleteKey() { 1073e41f4b71Sopenharmony_ci /* 1074e41f4b71Sopenharmony_ci * Simulate the key deletion scenario. 1075e41f4b71Sopenharmony_ci * 1. Obtain the key alias. 1076e41f4b71Sopenharmony_ci */ 1077e41f4b71Sopenharmony_ci let emptyOptions: huks.HuksOptions = { 1078e41f4b71Sopenharmony_ci properties: [] 1079e41f4b71Sopenharmony_ci } 1080e41f4b71Sopenharmony_ci /* 1081e41f4b71Sopenharmony_ci * 2. Call deleteKeyItem to delete the key. 1082e41f4b71Sopenharmony_ci */ 1083e41f4b71Sopenharmony_ci await huks.deleteKeyItem(sm2KeyAlias, emptyOptions) 1084e41f4b71Sopenharmony_ci .then((data) => { 1085e41f4b71Sopenharmony_ci console.info(`promise: delete data success`); 1086e41f4b71Sopenharmony_ci }).catch((error: Error) => { 1087e41f4b71Sopenharmony_ci console.error(`promise: delete data failed, ${JSON.stringify(error)}`); 1088e41f4b71Sopenharmony_ci }) 1089e41f4b71Sopenharmony_ci} 1090e41f4b71Sopenharmony_ci``` 1091